Today, New York City released its strategy to use technology to improve productivity, save money, attract startups and upgrade the services it provides to citizens. That’s a tall order, but then New Yorkers have rarely been know to think small or dream moderately.
“We want New York City to be the nation’s premier digital city – in how local government interacts with New Yorkers, in how New Yorkers have access to and capitalize on new technologies, and in how our tech and digital media sectors evolve, grow businesses and create jobs,” Mayor Michael Bloomberg said in a statement. His office released an official statement digital roadmap at MikeBloomberg.com. “NYC’s #digitalroadmap has 4 goals: access, open government, citizen engagement & expanding NYC’s digital job growth,” tweeted Bloomberg after the announcement.
Nick Judd secured an advance copy of NYC’s road map to the digital city over at techPresident, which I’ve embedded below, and has this analysis of some of the important bytes.
There are no explicit plans in the report for increasing the number of available datasets — such as more detailed city budget data — but do include an “apps wishlist” to streamline the process of requesting more data.
Implementing the recommendations in the report will in large part be the responsibility of city Department of Information Technology and Telecommunications Commissioner Carole Post, who is already in the process of pushing internally for updated city IT.
Archived video of today’s announcement by Mayor Bloomberg and NYC chief digital officer Rachel Sterne (which was, appropriately, livestreamed online) is embedded below.
Social media will play a role in the months ahead. When Adam Sharp, Twitter’s government guy, tweeted out the Wall Street Journal above, he highlighted a feature that melds social media with old school mobile technology: the use of “Fast Follow,” a function that goes back to Twitter’s earliest days.
“New Yorkers who want to follow @nycgov by SMS can text “follow nycgov” to 40404. No @Twitter acct or computer needed,” tweeted Sharp.
That means that every resident with a phone call can receive updates from the city’s official account. It will be interesting to see if city government advertises that to its residents over the coming months, particularly in areas where Internet penetration rates are lower.
Anil Dash, native New Yorker, blogger and entrepreneur, highlighted something important in the plan that transcended any particular initiative, technology or policy: it captures New York City government thinking about the Web as a public space.
It’s an extraordinary document, and as someone who loves the web, civic engagement, public infrastructure and New York City, it feels like a momentous accomplishment, even though it marks the beginning of a years-long process, not just the end of a months-long one.
But the single biggest lesson I got from the 65-page, 11.8mb PDF is a simple one: The greatest city in the world can take shared public spaces online as seriously as it takes its public spaces in the physical world.
As you’d expect, there’s a press release about the Digital Road Map, but more reassuringly, the document demonstrates the idea of the web as public space throughout, making the idea explicit on page 43:
Maintaining digital ‘public spaces’ such as nyc.gov or 311 Online is equally important as maintaining physical public spaces like Prospect Park or the New York Public Library. Both digital and physical should be welcoming, accessible, cared for, and easy to navigate. Both must provide value to New Yorkers. And for both, regular stewardship and improvements are a necessity.
New York City’s road map for a digital city plan is embedded below. You also can download the digital city roadmap as a PDF.
UPDATE: There are some concerns about what happens next out there in the community. New York City resident and director of the CUNY Mapping Service at the Graduate Center of the City University of New York (CUNY) Steven Romalewski also listened in on the announcement and blogged his concerns about ‘open data fatigue“:
I always worry when I see the city touting its technology efforts without also including local Community Boards, neighborhood groups, business advocates, urban planners, other elected officials, etc. who rely on access to public data so they can hold government accountable and do their jobs better. In my view, these groups need the data moreso than app developers. That is why open data efforts and policies are so important.
But the city seems more focused on apps than on community. I understand the economic development appeal of fostering startups. But the open data movement long predated apps. I highlighted this in my post last year (see the “Misplaced Priorities” section).
Apps are great (I use them constantly, and I’ve even developed one myself). And kudos to the city and its agencies for responding to app developers and making data more open so the developers can do great things with the data (things even the city might not do).
I just hope the latest announcements by the city will result in more real and lasting efforts to make data easier to access than the latest check-in craze. The Mayor already expressed some hesitation to making data accessible when a reporter asked him about CrashStat. CrashStat is a great example of my point — it wasn’t created to be an “app” per se; it’s an effort by a local nonprofit group to use public data to educate the public and hold government agencies more accountable about traffic injuries and fatalities. But the Mayor said he didn’t even know what CrashStat was, while making excuses about not making data available if it’s not in electronic format, or needs to be vetted, or is “sensitive”. Blah blah blah – we’ve heard all that before and it undermines my confidence in the city’s pronouncements that more data will really be made open.
The expectation of transparency is creating demand for government agencies to develop new ways to communicate complex data and trends to the public in easy-to-access and easy-to-understand formats.
Some agencies are turning to Google Maps and KML data to visualize raw information online and on mobile devices. Delivering data in more easily understandable formats not only boosts trust and confidence between government agencies and their publics, but also streamlines workloads among Data, Web, Editorial, and Customer Service teams.
The two men talked about how the Texas Comptroller is using public-facing maps to communicate with the public, including to the rapidly increasing numbers of citizens accessing government websites from mobile devices.
The utility of open government data can be quite concrete, as when live tsunami data is used to help save lives. It can also help people to understand more about the virtual lines in their towns and cities. In Texas, ClaimItTexas.org shows unclaimed property in Lone Star State.
Putting open government data to work
“Open government data has been used for a long time,” said Akin, citing the use of census data in newspapers. A new class of new media journalism is putting data to use in innovative ways, pointed out Castellon. “The Texas Tribune is one of the leaders in data visualization,” he said, which helps citizens to make sense of government data.
The key here, emphasized Akin, is that is not just enough to simply dump data. You need ways to visualize it and make it meaningful as information. “There’s a lot of resistance – people have been there, and that’s not how they’ve done things,” he said. “If you make a visualization that makes someone’s job easier pretty soon they start coming back to you.
With better data visualizations and more information, Castellon posited that more problem solving can take place. “When you release data, especiallly with science, education or research, there are stories embedded in that data,” he said.
In this narrative, it’s up to governments to release better, clean data in consumable formats and the evolving art of data journalism to make stories from it that give citizens, businesses and elected officials insight into the complexities of modern life.
The roundtable focused on the release of two new white papers. The first, “Creating Local Online Hubs: Three Models for Action,” by Adam Thierer, discusses scenarios where community leaders, citizens, media, technologists and — critically, local government — can work together” to create local online hubs where citizens can access information about their governments and local communities.” Creating such high-quality online information hubs was one of the 15 key recommendations of Knight Commission on the Information Needs of Communities in a Democracy. “Just as communities depend on maps of physical space, they should create maps of information flow that enable members of the public to connect to the data and information they want,” said the Knight Commission. (Download PDF or Read Online)
“Governments need to get more information out and make it more accessible, said Thierer today. “This shouldn’t be controversial.” Thierer said that government can do well to catalyze and support this development simply by doing a better job of making such information easily available in easy to use formats. While open government data stores have grown, Thierer noted that this has not trickled down. He cited the example of Manor, Texas as one example of where one local champion (former CIO Dustin Haisler) got help from Stanford and other external resources to get the local open data repository online.
Broadly, Thierer described three models for online hubs:
Hubs focused on community government information. Example: Texas Tribune
Community connections: local forums and community email listservs. Example: e-democracy.org
Thierer focused on the important role that libraries and local or state universities can play in this new ecosystem, by connected offline and online worlds. These universities could create “code toolboxes” that local communities can use, as Stanford did for Manor. He hoped that that model could be replicated nationally.
There are three basic issues here, according to Turner-Lee:
Do people get it?
Do they have the resources they need?
Can they do transparency with those resources?
“All of us who have been in this debate have seen a conflict between these three factors, said Turner-Lee. The question, she said Turner-Lee, is how we empower state and local government. The challenge is that in most open data effort, “We are still in a one-way world, where data is pushed down to the public, not in a reciprocal ecosystem.”
It’s one thing to say citizens who should be involved, said Turner-Lee, but more needs to be done. “As an organizer, I can speak to that. It’s hard to get people to a block meeting,” much less meeting online, she said. There’s also a persistent issue of the digital divide that has to be addressed in this context. “We cannot proclaim government transparency” where millions of people don’t have online access, said Turner-Lee.
There are many examples of where open data is being put to use on the behalf of citizens now. Turner cited apps driven by transit data in Chicago, heritage trees in Portland or the use of 311 by SeeClickFix in the District of Columbia.
Jon Grant focused on a major pain point for government at all levels for tapping into the innovation economy: procurement issues, which civic entrepreneurs run into in cities, statehouses and Washington. “It is time to look at these procurement rules more closely,” he said, and promote higher levels of innovation. “There are a lot of ideas are happening but a lot of rules restrict vendors from interacting in government,” said Grant. Turner-Lee observed that traditional procurement laws may also not be flexible enough to bring more mobile apps into government.
Fundamentally, empowering more government transparency through the Internet will require both creating a climate for the actions, said Turner-Lee, but also through structural changes, specifically, through the release of spectrum and Universal Service Fund (USF) reform.
It will also require that state and local government officials are part of the conversation, “It they aren’t at the table, we’re going to be pretty much talking to ourselves,” said Turner-Lee.
Former San Francisco CIO Chris Vein, now the new White House deputy CTO for government innovation, agreed. biggest challenge of all is that we like to think there are templates. to a certain extent, they can be. fundamentally, all politics is local. To make this work in government, a community “needs someone who takes risks, who goes out there and makes it happen regardlesss of the cost.”
All stakeholder at the panel acknowledged the crucial importance of community institutions, nonprofits and libraries in addressing issues of the digital divide and creating a bridge between online hubs and local citizens. Turner Lee noted that billions of people over the course of years have come into libraries for assistance, particularly the homeless and low-income citizens. “What better way to get people into the system by enabling libraries to be a conduit of information?” she asked.
“Public information belongs to the public, and the public’s business should be done in public,” said Turner. That said, local citizens also don’t want data for the sake of data. “Consumption of this data would be inconsistent if the data doesn’t provide quality of life,” she said.
A new report from the Pew Internet and American Life Project includes the sobering figure that potentially hundreds of thousands of Americans live with disabilities or illness that makes it harder or impossible for them to use the Internet. According to Pew, some two percent of American adults are unable to fully make use of one of the greatest platforms for collective action in history. ‘
The survey was based on a national survey of 3,001 U.S. adults in September 2010. Here are three other data points to consider:
27% of American adults live with a disability that interferes with activities of daily living.
54% of adults living with a disability use the internet, compared with 81% of adults who report none of the disabilities listed in the survey.
41% of adults living with a disability have broadband at home, compared with 69% of those without a disability.
“This is a correlation that we observed, not causation,” said Susannah Fox (@SusannahFox), associate director at the Pew Internet & American Life Project. “We don’t know that it’s the disability that’s causing that difference, but we do know that it’s not just lower levels of education or income, or age, all of which tend to depress Internet access rates. It’s something else.”
This research should be considered in the context of an ongoing matter before the Department of Justice (DoJ): the modernization of the Americans with Disabilities Act. When the Act was first passed, the DoJ stated in the preamble to the original 1991 ADA regulations that those regulations should be interpreted to keep pace with developing technologies. (28 CFR part 36, app. B.)
“The reality is that so much of what’s happening today in the world is online,” said Fox. “There’s a real difference between a someone in their 70s who doesn’t want to add the Internet to their life and someone in their 20s who can’t go online because of a disability.”
When the ADA was passed, Congress contemplated that the Department of Justice would apply the statute in a manner that evolved over time, and delegated authority to the Attorney General of the United States to put forward regulations to carry out the Act´s broad mandate. How the Department of Justice does so is still a matter for debate. The DoJ is considering extending the enforcement of the ADA to include websites operated by more entities, including the following list of 12 categories of “places of public accommodation” covered by the ADA from ADA.gov.
(1) An inn, hotel, motel, or other place of lodging, except for an establishment located within a building that contains not more than five rooms for rent or hire and that is actually occupied by the proprietor of the establishment as the residence of the proprietor;
(2) A restaurant, bar, or other establishment serving food or drink;
(3) A motion picture house, theater, concert hall, stadium, or other place of exhibition or entertainment;
(4) An auditorium, convention center, lecture hall, or other place of public gathering;
(5) A bakery, grocery store, clothing store, hardware store, shopping center, or other sales or rental establishment;
(6) A laundromat, dry-cleaner, bank, barber shop, beauty shop, travel service, shoe repair service, funeral parlor, gas station, office of an accountant or lawyer, pharmacy, insurance office, professional office of a health care provider, hospital, or other service establishment;
(7) A terminal, depot, or other station used for specified public transportation;
(8) A museum, library, gallery, or other place of public display or collection;
(9) A park, zoo, amusement park, or other place of recreation;
(10) A nursery, elementary, secondary, undergraduate, or postgraduate private school, or other place of education;
(11) A day care center, senior citizen center, homeless shelter, food bank, adoption agency, or other social service center establishment; and
(12) A gymnasium, health spa, bowling alley, golf course, or other place of exercise or recreation.
The public comment period for the Department of Justice’s notice of rulemaking regarding this extension will end on Monday, January 24th. The questions being contemplated by the DoJ are straightforward and yet potentially significant, with respect to their effects upon businesses: Do they operate a website? If so, does that website also have to be accessible?
The considerations and trade offs involved in answering those questions are complex but important. For people for whom accessibility is more than a “nice to have” feature, however, those answers will be meaningful.
“It’s not just the group today that’s having trouble going online,” said Fox, ” it’s about how the conversation today contributes towards building towards the future.”
Mill said that “many things have actually gone backward” with regards to Web accessibility. “Facebook, for one. Probs with Captcha for another.” When reached for further comment, he tweeted more about the challenge of navigating the social Web as a blind man:
I’d say the single biggest issue is the rate of change on websites and in software apps. Our screen-readers are constantly playing catch-up, and soon as they do another update is released that breaks things! With regards to social networking, FB is difficult also, as they change regularly. New Twitter is all but [unusable], but enterprising blind devs have created a software program called Qwitter client, found at www.qwitter-client.net. Those are a few of my thoughts. Apparently I could write a book!
According to Mill, the new version of Twitter, set to be rolled out to all users this year, “causes screen-readers to become sluggish and unresponsive. Also hard to find where to write the new tweets.” With respect to Facebook, “I can’t really access the main site, largely because I’m not sure where anything is!” tweeted Mills. “The mobile site works well enough, for the most part. All those games and such are out, but I mostly use it to update statuses and message friends and family.”
As dozens of freshmen Representatives move into their second week of work as legislators here in the District of Columbia, they’re going to come up against a key truth that White House officials have long since discovered since the heady days of 2008: governing requires different strategies, skills and approaches than campaigning. “House 2.0” may include an e-transition but the political realities that existed before new media are still very much in session.
This correspondent caught up with Johnson yesterday to talk about what he sees as the big trends for the intersection of technology, government, politics and citizens in 2011, along with his own plans for the future. On the latter, Johnson would only say on the record that he’s enjoying seeing how the work of the people within Big Window Labs is evolving, he waiting to hear back from the Knight Foundation on his proposal for a “community news kit,” and that he might have more to share about “what’s next” later this month. He was much more forthcoming about his perspective on key trends for 2011.
Transparency as Infrastructure
Given the sharp focus that Sunlight Labs puts on government transparency, it’s no surprise that Johnson sees the need and the movement towards smarter systems that “bake it in” to legislatures, the executive branch and the judiciary. He anticipates more built-in alarms for certain changes in drafted bills, regulations or meetings, with more intelligence that correlates how or who was responsible for that alteration.
Competition between the White House and the House on new media and open government
Yesterday, Jim Harper, director of information policy studies at the Cato Foundation and webmaster of WashingtonWatch.com, wrote that the GOP can eclipse Obama on transparency. “House Republicans can quickly outshine Obama and the Democratic Senate,” wrote Harper. “It all depends on how they implement the watch phrase of their amendment package: “publicly available in electronic form.”
The GOP House leadership must make sure that this translates into real-time posting of bills, amendments and steps in the legislative process, in formats the Internet can work with. It’s not about documents anymore. It’s about data. Today’s Internet needs the data in these documents.
There are no technical impediments to a fully transparent Congress. Computers can handle this. The challenges, however, are institutional and practical.”
Johnson identified this moment in history as an important inflection point, and one that, if the White House rises to the challenge, could legitimately be seen as an open government win for the American people and a smarter, more accountable government. The White House may hold the considerable advantages of the bully pulpit and the largest followings of any federal entity or politician on Twitter, for now, but that has to be balanced against the considerable new media prowess that the GOP has built up over their Democratic counterparts in Congress. There are many early signs to watch and weigh as the year begins. Along with new rules, the House leadership support for the creation of open, online video archives House.Resource.org, with Representative Issa solicit advice from the public on video platforms. Others projects cast some question on commitment in the rank and file to open government principles, as set out, with the GOP bending new House rules.
Investigations for accountability
Investigations will be significant in 2011 and 2012, says Johnson, and will go beyond simple political attacks or embarrassment for the administration. The new House Oversight Committee appears determined to play the role of inspector general for the federal government, not just White House programs. Considering the vast scale of potential waste, fraud and projects that are overdue, over budget or ineffective, that’s a legitimate big deal. It’s also in-line with the White House’s IT reform proposals, which have included cutting major IT projects. Keep an eye on how the tech that can make government better is applied to fraud detection, as efforts to apply open government data to dashboards and new technologies are coupled with oversight.
Federal CIO Vivek Kundra has said that the White House IT team is working with Congress on S.920, the Information Technology (IT) Investment Oversight Enhancement and Waste Prevention Act of 2009 introduced by Senator Carper (D-DE) that passed the Senate. The Obama administration will have to work with the incoming Republican majority to achieve similar legislation in the House. Given the emphasis on enhanced oversight and waste prevention, such legislation has at least a decent chance of being considered.
Given the scale of the federal government and the yawning budget deficit, investigations that actually identify waste and fraud would be timely. As a senator, President Truman saved the nation billions of dollars with hearings during war time. As 2011 begins, it’s still unclear whether the current Congress will able to follow his example.
There’s an ever increasing amount of data available to citizens, and applications to help them understand it, said Johnson. There are an emerging class of social entrepreneurs and civic hackers working to help citizens with the digital literacy they need for both. The information needs of citizens in a democracy are considerable. For open government and Gov 2.0 to go forward, this is a critical area, founded upon the a conception of smart citizenship that involves interaction with government on a weekly or even daily basis, not just on election day.
Rural broadband access
Internet access is fast becoming as important to citizens as other basic utilities, like water or electricity. According to the Pew Internet project, 79% of Americans are now online. Simply put, not being online in 2011 is a substantial impediment to the smart citizenship that Johnson describes. “It’s about data and information literacy, rather than just access,” said Johnson. “What you want is for people to be able to use the Internet at will, to tell fact from fiction, and find source data.”
The success of the FCC’s broadband plan will be critical to watch here. The digital divide that Johnson describes goes beyond broadband or dial up access. It’s between the digitally literate and those who are unable to benefit from full access to an Internet increasingly populated with bandwidth-intensive applications, is a crucial issue for governments everywhere, not just in the United States. The FCC’s new open Internet rules and their bearing on mobile broadband access will be important to watch in this area is well.
Digital Capital Week is coming back to the United States Capital on November 4th, 2011. In a livestream today, the organizers of the inaugural 2010 event announced the data and opened the gates for DC Week registration and ideas for events and outcomes. They’re planning on 10,000 attendees this year.
DCWEEK is a week long festival in the US capital focused on bringing together designers, developers, entrepreneurs, and social innovators of all kinds.
It’s a series of 100s of distributed events powered by the community and complemented by core conferences, parties, and projects created by the festival organizers iStrategyLabs and Tech Cocktail. DCWEEK 2010 was assembled in 3.5 months and drew 6,000 attendees from around the world. This year we’re planning on 10,000+.
The upcoming release of the final version of the White House “National Strategy for Trusted Identities in Cyberspace” highlights three key trends that face the world in 2011: online identity, privacy and security. Governments need ways to empower citizens to identify themselves online to realize both aspirational goals for citizen-to-government interaction and secure basic interactions for commercial purposes.
Earlier today, Stanford hosted an event today where U.S. Commerce Secretary Gary Locke and White House cybersecurity coordinator Howard Schmidt talked about the Obama administration’s efforts to improve online security and privacy at the Stanford Institute for Economic Policy Research (SIEPR). Here’s the NSTIC fact sheet the administration posted last year.
“As we look at the innovation engine that drives many of the things we’re doing, what does it mean to sit there as we’ve come together today,” asked Schmidt, “bringing these things together to overcome some of these risks associated with the technology we’ve deployed over the past 20 some odd years?”
The administration took public feedback on the document at NSTIC IdeaScale, which is now closed. (For a screenshot, see the story on IdeaScale on MSNBC.com.) “Every day at the end of the day. I would go back and read some of those comments,” said Schmidt today. “Some of them quite honestly were pretty silly. Other of them were very insight full and gave us some good thoughts about how can we do this right? How can we create a document that really does those things the secretary mentioned such as privacy enhancing but also giving us better trust?”
Today, at Stanford University, Commerce Secretary Gary Locke and I were pleased to announce that the Commerce Department will host a National Program Office (NPO) in support of the National Strategy for Trusted Identities in Cyberspace (NSTIC). As I’ve written previously, the NSTIC fulfills one of the action items in theCyberspace Policy Review (pdf) and is a key building block in our efforts to secure cyberspace.
This holiday season, consumers spent a record $30.81 billion in online retail spending, an increase of 13 percent over the same period the previous year. This striking growth outshines even the notable 3.3-5.5 percent overall increase in holiday spending this past year. While clearly a positive sign for our economy, losses from online fraud and identity theft eat away at these gains, not to mention the harm that identity crime causes directly to millions of victims. We have a major problem in cyberspace, because when we are online we do not really know if people, businesses, and organizations are who they say they are. Moreover, we now have to remember dozens of user names and passwords. This multiplicity is so inconvenient that most people re-use their passwords for different accounts, which gives the criminal who compromises their password the “keys to the kingdom.”
We need a cyber world that enables people to validate their identities securely, but with minimal disclosure of information when they’re doing sensitive transactions (like banking) – and lets them stay anonymous when they’re not (like blogging). We need a vibrant marketplace that provides people with choices among multiple accredited identity providers – both private and public – and choices among multiple credentials. For example, imagine that a student could get a digital credential from her cell phone provider and another one from her university and use either of them to log-in to her bank, her e-mail, her social networking site, and so on, all without having to remember dozens of passwords. Such a marketplace will ensure that no single credential or centralized database can emerge. In this world, we can cut losses from fraud and identity theft, as well as cut costs for businesses and government by reducing inefficient identification procedures. We can put in-person services online without security trade-offs, thereby providing greater convenience for everyone.
This is the world envisioned in the NSTIC. We call it the Identity Ecosystem. We will be working to finalize the NSTIC in the coming months, but that is only the beginning of the process. I’m excited to be working with Secretary Locke. The Commerce Department is perfectly suited to work with the private sector to implement the NSTIC. In addition, there are other departments and agencies with strategic roles to play as well. Above all though, we look to the leadership of the private sector. Therein lies the key to success. Now is the time to move forward with our shared vision of a better, more secure cyberspace.
Why NSTIC Matters
The policy that the United States government makes towards the Internet has the potential to affect every person online in 2011, as advocates know, so how this is carried out bears close watching. The Center for Democracy and Technology filed key comments on NSTIC last year, including a key issue: “We alerted the Commerce Department to our concern about NSTIC’s current focus on the use of government credentials for private transactions: A pervasive government-run online authentication scheme is incompatible with fundamental American values,” wrote Heather West regarding the cybersecurity policy proposal.
The issue is at once simple and enormously complex, as Jim Dempsey from the Center for Democracy and Technology highlighted today. Government needs a better online identity infrastructure to improve IT security, online privacy, and support ecommerce but can’t create it itself, said Dempsey, outlining the key tension present. Dempsey advocated for a solution for online identity that lies within a broader trust framework and that is codified within a baseline federal consumer privacy law.
Some of the answers to the immense challenge of securing online privacy and identity won’t be technical or legislative at all. They lie in improving the digital literacy of for online citizens. That very human reality was highlighted after the massive Gawker database breach last year, when the number of weak passwords used online became clear. Schmidt highlighted the root caused of passwords today:
The reason most people do that is because we have to worry about remembering so many different passwords and then there’s so many layers of complexity and, complexity that we have to worry about, we have different time frame. We replace them every 30-day, 60 days, 90 days and it becomes really cumbersome. And recent survey found that 46% of the people surveyed never ever have changed their passwords and 71% use the same password with over and over and over again. From reading an on-line blog to doing sensitive financial transactions.
Others answers may be founded in creating online trust frameworks, which were a key initiative in 2010 for the federal government. Multifactor authentication, where more than one forms of identity are used in transactions, will be part of that vision. Schmidt described, loosely, what that might look like.
I go to a store. I go to a grocery store in some cases. I do some level of proofing, whatever I want to wind up doing, whether it’s the lowest level or the highest level to get an online identity stored on a token. A digital identity. Whether it’s on a USB drive or whether it’s on a smart card, I have the ability to do something beyond what I’m doing now. I go to log-in to these accounts. I use the USB device, I use a smart card. I use a one time password on my mobile device that no longer puts me in a position where I’ve been in the past where I can wind up making one small mistake and paying for it for years. But then I also get the log-in to my web mail account. That credential is passed on as well. So I have the ability to do these things seamlessly without all the baggage and overhead that goes with it. But then here comes the true test – this web mail – this phishing e-mail – comes in, and working together between the token and my digital identity and the browser, it stops me from doing things that are going to be harmful. And I had the ability to control that. I have the ability to set this up. And then it keeps me from becoming a victim of fraud.
That combination of physical tokens that interface with commercial and communications infrastructure to authenticate a consumer or online user are one vision of an identity ecosystem. Given the commercial needs of the moment, it should not be a surprise that the Department of Commerce is a key player. Secretary Locke offered perspective on the challenges that face the nation in 2011. [Full unedited transcript]
Let’s flash forward to today to 2011. Nowadays the world does an estimated $10 trillion of business online. Nearly every transaction you can think of is being done over the Internet. Consumers paying their utility bills, even from smartphones. People downloading music, movies and books online. Companies from the smallest local store to bed and breakfasts, to multinational corporations, ordering goods, paying vendors, selling to customers, all around the world. All over the Internet. E-commerce sales for the third quarter of 2010 were estimated at over $41 billion, up almost 14% over last year. And early reports indicate that the recent holiday buying season saw similar growth with year over year sales up by over 13%.
But despite these ongoing successes, the reality that the Internet still faces something of a trust issue. And it will not retch its full potential until users and consumers feel more secure than they do today when they go on-line. The threats on the Internet seem to be proliferating just as fast as the opportunities. Data breaches, malware, ID theft and spam are just some of the most commonly known invasions of a user’s privacy and security. And people are worried about their personal information going out and parents, like me, are worried about unwarranted sexually explicit material coming in before their children. And the landscape is getting more complex as dedicated hackers undertake persistent targeted attacks and develop ever more sophisticated frauds.
The approach that Locke outlined will apparently be housed within the Department of Commerce, a choice that is likely relevant to the scale and growth of e-commerce online:
The end game of course, is to create an identity ecosystem where individuals and organizations can complete online transactions with greater confidence, putting greater trust in the online identities of each other, and greater trust in the infrastructure that the transactions run over. Let’s be clear, we’re not talking about a national ID card. We’re talking about a government controlled system. But what we are talking about is enhancing online security and privacy, and reducing, and perhaps even eliminating, the need to memorize a dozen password through the creation and use of more trusted digital identities. To accomplish this, we’re going to need your help. And we need the private sector’s expertise and involvement in designing, building and implementing this identity ecosystem. To succeed we’ll also need a national program office at the Department of Commerce focused on implementing our trusted identities strategy.
For more context, look back to Schmidt’s introduction of the NSTIC at the WhiteHouse.gov blog last year:
Cyberspace has become an indispensable component of everyday life for all Americans. We have all witnessed how the application and use of this technology has increased exponentially over the years. Cyberspace includes the networks in our homes, businesses, schools, and our Nation’s critical infrastructure. It is where we exchange information, buy and sell products and services, and enable many other types of transactions across a wide range of sectors. But not all components of this technology have kept up with the pace of growth. Privacy and security require greater emphasis moving forward; and because of this, the technology that has brought many benefits to our society and has empowered us to do so much — has also empowered those who are driven to cause harm.
Today, I am pleased to announce the latest step in moving our Nation forward in securing our cyberspace with the release of the draft National Strategy for Trusted Identities in Cyberspace (NSTIC). This first draft of NSTIC was developed in collaboration with key government agencies, business leaders and privacy advocates. What has emerged is a blueprint to reduce cybersecurity vulnerabilities and improve online privacy protections through the use of trusted digital identities.
The NSTIC, which is in response to one of the near term action items in the President’s Cyberspace Policy Review, calls for the creation of an online environment, or an Identity Ecosystem as we refer to it in the strategy, where individuals and organizations can complete online transactions with confidence, trusting the identities of each other and the identities of the infrastructure that the transaction runs on. For example, no longer should individuals have to remember an ever-expanding and potentially insecure list of usernames and passwords to login into various online services. Through the strategy we seek to enable a future where individuals can voluntarily choose to obtain a secure, interoperable, and privacy-enhancing credential (e.g., a smart identity card, a digital certificate on their cell phone, etc) from a variety of service providers – both public and private – to authenticate themselves online for different types of transactions (e.g., online banking, accessing electronic health records, sending email, etc.). Another key concept in the strategy is that the Identity Ecosystem is user-centric – that means you, as a user, will be able to have more control of the private information you use to authenticate yourself on-line, and generally will not have to reveal more than is necessary to do so.
This is all wonky stuff that may seem a bit dry to some readers, but it’s important. The intertwined issues of identify, security and online privacy are increasingly relevant to every citizens as more commerce, education, communication and elements of everyday life move onto the Internet and mobile infrastructure. This strategy is central to how the United States government will work with industry, nonprofits, citizens and other states to improve the status quo. On that count, Bob Gourley, CTO of Crucial Point, commented extensively on the NSTIC at CTOVision.
It won’t be easy. Supporting the creation of identity infrastructure and improvements to online privacy in the private sector has the potential to make the Internet more secure and convenient for users and consumers but could have unintended consequences if not carefully pursued. There’s a lot at stake. As the Stanford event organizers highlighted, “e-commerce worldwide is estimated at $10 trillion of business online annually.”
Philip Kaplan, the outspoken founder of Blippy, AdBrite and Fucked Company, added a Silicon Valley developer voice to event’s panel, arguing that any system has to be simple to implement, so that developers working in their living room making a website can concentrate on building new features, not worrying about security.
The closest thing to that currently is Facebook Connect, which lets you use your Facebook credentials to login you in around the net and on mobile apps..
Which is another way of it might be as dangerous for a single company to be the world’s online ID vault as it would for the government to handle that task.
And right now, with Facebook at 600 million users and $50 billion in valuation, that future seems much more likely than a standards-based, interoperative system built by geeks at the behest of the feds.
Whether an online trust framework can be a viable alternative to Facebook’s play to be the identity provider online is a first-order question, and one that deserved examination. Kudos to Singel for putting the event in that context.
Weekend Reading: The most recent version of the NSTIC follows. Look for more reporting, both here or at another outlet, once the final version is released.
The digital divide in D.C. is an issue that has been receiving increased sunlight under the District’s chief technology officer, Bryan Sivak. As the Kojo Nnamdi Show episode on the D.C. digital divide reported, “a 2009 study by the OCTO found that the digital divide runs very deep in the city – 90% of residents in Northwest D.C. have high-speed internet access in their homes, but in Southeast, that figure falls to just 36% – 40%.”
Earlier this year, Washington became the recipient of stimulus funding for a digital divide initiative. This summer, the city turned on free wifi in many neighborhoods, which can be viewed at DC.wifi.gov. Today, Sivak announced D.C.’s first digital divide strategy:
It’s embedded below in the post. Interestingly, the digital divide strategy announcement at the Office of the Chief Technology Officer of D.C. indicated that it would be a “living document,” much like the Web itself:
OCTO is pleased to release a public draft of the District of Columbia’s first ever strategic plan to address the digital divide. This is intended to be a living document, updated quarterly or bi-annually as conditions warrant, and will reflect the current high-level vision of the District Government as it relates to tackling this important issue. Feedback is welcome so please feel free to share your thoughts and help us bridge this gap.
For a feel for the thinking of the DC CTO on this count, watch Sivak’s closing statement from the District of Columbia’s first-ever “Community Broadband Summit” (DC-CBS) is embedded below. The summit was a public forum designed to address the city’s digital divide.
It’s not clear whether Sivak will stay on under incoming Mayor-Elect Vincent Gray’s administration. If not, here’s hoping his replacement works with the D.C. tech community to connect more citizens to the Internet. Online access has become a vital link for information, services, access to jobs, education and communication with family, friends, teachers and coworkers in the 21st century. The District should be commended for continuing to working to bridge it.
What do you think of the strategy? Leave your thoughts in the comments.